I think 5 years is far too short for "anything military", although in general if the government is relying on copyright law to restrict the dissemination of information, then it probably isn't sensitive enough to keep out of the public domain, even within five years.
I wonder if we'll ever know the whole truth about the warrantless domestic wiretap program? I'm not optimistic.
From what I understand ("Everything You Know About CSS is Wrong"), IE8 should cure several MS/IE-induced problems. So Microsoft is having second thought about _not_ being a perpetual pain in the ass?
IE8 is a decent browser, a huge improvement over IE6 and IE7. However, just about any other browser that the user might choose to install in its place (Safari, Firefox, Opera, Chrome...) will be even better, and making sure that Windows doesn't break when IE is removed is a good thing.
It's safe to assume that most users won't choose to remove IE without first installing a better browser.
Maybe MS should just improve the quality of its rendering engine.
Lo and behold, they did! IE8 passes ACID2. It's still behind all the other major browsers, but they're actually working on trying to catch up.
Remember that no major browser has a currently-shipping release version that passes ACID3; Safari 4 beta and Opera 10 alpha don't count quite yet. It's been argued that Firefox scores higher than IE, but the reality is that neither of them will pass any time soon. IE8 really doesn't look too bad in this light - it's a couple years behind the curve, but only a couple years.
the rendering engine sticks around because it's used elsewhere in the operating system for other tasks
Meaning, of course, it's still there to be exploited by anything that exploits IE rendering bugs.
Yes, just like bugs in OpenSSL can be exploited if you have applications that load that library, even after other applications that use that library have been uninstalled. Of course, security patches will be released to fix those bugs, which is why it's important to stay up to date.
Net neutrality encourages competition between content providers. Consider: Google pays a bunch of money to all the major ISPs to ensure that their web sites get top priority when routing traffic. Somebody comes along and creates a better search engine, but it loads slowly because they can't afford to bribe all those ISPs like Google can. People continue using Google, because it loads faster.
Net neutrality also encourages competition between ISPs. Let's say Google, Microsoft, NBC, and a bunch of other content providers are all paying large chunks of cash to all the major incumbent ISPs. The ISPs can use this cash to reduce customer prices. If you want to start a new ISP, you're not going to be receiving any of that cash from content providers, so you have to charge your customers full price. Nobody will sign up with you, because your service costs more. Of course, once you've gone out of business they can raise their prices and pocket the difference - most of them are local monopolies anyway.
It's not just dance choreography. A lot of concerts have some sort of video display, which is synchronized to the music. Depending on the nature of the show, there may be some pre-recorded parts as well, mixed in with the live performance. Here's an example of both: the lead vocal, keyboard and bass are live, but the drums aren't, the background vocals aren't, and there's a video on the screen.
People who think "user interface" is synonymous with "themes, skins or 3D effects" are a large part of the reason so much software has a terrible user interface.
If you're in a situation where you spend all your time in a constant struggle to find food and shelter, prison can provide freedom from that. Of course you sacrifice mobility in the process, but that's a bit higher up Maslow's hierarchy.
Read the GP post again. Mlwmohawk was talking about a special password that would cause the data to be destroyed. The AC said that wouldn't be a good idea, because they should have created a backup image of the drive first, so if such a destructive password were used, the image could be restored, and you're back to square one.
A password that decrypts an alternative filesystem is definitely a much better idea.
Yeah, next time I go to the US (I don't, because Americans are terrifying and amoral bastards who send foreigners to Syria to be tortured for months or years)...
Please remember that most US citizens do NOT condone this behavior, and it is the policy of the current Administration that our government doesn't do that anymore. Some of us would like to see members of the previous Administration prosecuted for war crimes, although we recognize that there's still too much corruption to allow that to happen.
Part of the problem comes not from amorality, but from ignorance. A staggering percentage of the population simply isn't aware that these things have happened. Sometimes it's willful ignorance - people hear it, but choose not to believe it, either because it sounds so ridiculously contrary to how they know the government should behave, or because the source is a political entity they distrust (the elite left-wing liberal communist media, or whatever). Other times it's because people are apathetic about politics and government, and don't listen to any news about it at all.
Several times after the warrantless wiretapping scandal hit the news, I got into discussions with people who thought the Bush administration was doing what they needed to do. I outlined the three problems with getting a warrant (it takes too long, many judges aren't familiar with matters of national security, and warrants are a matter of public record), and then I explained that FISA addressed these 30 years ago. It's only when I informed people that the NSA has recently been bypassing FISA that they understood what was happening - they'd heard something about warrantless wiretaps on the news, but they were completely unaware that the Bush administration had been circumventing FISA, which is why there was a controversy in the first place.
So even when someone does hear about something the government is doing, they're often not informed enough about the situation to reach any meaningful conclusions. They may be aware that a controversy exists, but completely fail to understand its nature. The torture problem is no different. Many people are dimly aware of a controversy involving torture, but they believe the only people being detained are actual terrorists who have plotted to attack this country and have vital information about such plots, and the Bush administration repeatedly insisted that "enhanced interrogation techniques" do not constitute torture. The mainstream media presents a "fair and balanced" report, presenting the viewer with two versions of the story ("these reporters say the government is torturing detainees, and the government says they're not") without any attempt to discover the truth. Other news sources make no attempt to hide their political bias, making them seem untrustworthy even when what they're reporting is the truth.
Ugh. I wish I could say we're fixing this problem. The new President has taken some positive steps, and if the next four years go really well, he may be allowed to take more. However, the problems run much deeper than one man can fix.
"Releasing the papers would do "serious damage" to cabinet government, he said, and outweighed public interest needs."
I'm not sure why he'd think it's in public interest to keep a corrupt, incompetent, totalitarian regime in power?
Read that again, he doesn't. He knows it's not in the public interest; he's saying that preserving the status quo is more important than the public interest. He's corrupt, not stupid.
I loaded eweek in Firefox, and adblock stopped ads from Doubleclick, Googlesyndication, and Atdmt.com. I'm guess it came from the last one.
These are huge advertisers (atdmt.com is Microsoft, and you probably know that Google bought DoubleClick). Was one of them hacked? If so, what does this have to do with ZD at all?
Blocking scripts isn't guaranteed to protect you from this kind of attack, since the article specifically mentioned that the attack used iframes. Loading a PDF into an iframe can be done with no scripting; this will either trigger a file download or will invoke the Adobe Reader plug-in (or whatever other plug-in your browser is configured to use to display PDF files).
However, if the iframe is inserted into the DOM by a script (not uncommon with advertisements these days), then yeah, blocking scripts would prevent it.
Of course, I imagine the attempt to install a rogue application would trigger a UAC prompt on VIsta, protecting anyone on that platform who isn't a moron.
So what servers were actually compromised by hackers? According to the article, Stephen Wellman, director of community and content for Ziff Davis Enterprise, says no ZD web sites were compromised and it "was not our fault." Whose fault was it? Does ZD use a third-party advertising service? If so, does anyone else use that same advertising service? If ZD runs its own ad servers, how is this not ZD's fault?
The nightly builds of WebKit are stand-alone (it's an application called WebKit that contains its own stand-alone WebKit library), but the Safari beta replaces your system's WebKit library so Dashboard and other applications can use it. Since the whole point of a beta release is to test it, and the final version will work this way, it would be kind of pointless not to do this.
An actor. See The Oracle of Bacon, which draws connections (through movies they've been in) between Kevin Bacon and any other actor you can think of.
A person's "Bacon Number" indicates how many steps away from Kevin Bacon they are, for example someone who has been in a movie with Kevin Bacon has a Bacon Number of 1, while someone who has been in a movie with someone else who's been in a movie with Kevin Bacon has a Bacon Number of 2. It's not easy to think of an actor whose Bacon Number is higher than three.
...and then no one bothers to write an updated RFC?
Sure they did, and corrected some of the errors in the original, but those aren't entirely accurate either. This very helpful draft, which defines how a server can declare precisely how it violates the RFCs or specifying details the RFCs don't cover, was never accepted as an RFC by the IETF. I'm aware of no such document on how to handle colors, which is just a de-facto standard that the mIRC client made up (and has some rather glaring problems) that other clients have to emulate for compatibility.
(Supporting colors is important even for a bot that will never use them, because you have to parse the syntax so you can correctly strip color codes out of messages from other users. The CASEMAPPING parameter defined for the ISUPPORT message is important so you can track whether messages about a user "foo{}" entering the channel and user "foo[]" leaving the channel are talking about the same user or not, otherwise you have no idea how many people are really there. CHANMODES is an enormous pain in the ass to deal with, and if it's not specified via ISUPPORT you just have to guess and hope you can parse it correctly. The list goes on.)
It knocked me offline for a couple of hours. I called my ISP, and they said the problem was at their upstream provider, which is Time Warner. So yeah, this is a big deal.
Their choice of behavior is both in violation of specs *and* a big annoyance. And it's just one random example out of hundreds that I've encountered.
The problem is, the specs are inadequate. RFC 1738 that you mentioned doesn't allow for including a body at all. RFC 2368 supersedes that, but says it's totally OK to completely ignore the body altogether. There's no mention of size limits one way or the other.
I encountered this problem when trying to write an IRC bot. The IRC protocol is poorly defined in the RFCs, so nobody actually follows the RFCs. IRC is a mish-mash of de-facto standards; you can use the RFCs to get you started, but then you have to basically reverse-engineer the popular clients to figure out how they behave, and test your code on a variety of servers since they all work differently.
Slashdot Mirror
Why isn't it as simple as take the old hard disk out, and put the new one in?
You could also do that, of course, and it would be simpler. 1TB 2.5" drives aren't yet available, so you could only upgrade to 500GB that way.
I think 5 years is far too short for "anything military", although in general if the government is relying on copyright law to restrict the dissemination of information, then it probably isn't sensitive enough to keep out of the public domain, even within five years.
I wonder if we'll ever know the whole truth about the warrantless domestic wiretap program? I'm not optimistic.
I thought cheating on homework was what older siblings were for.
Not everyone has older siblings, you insensitive clod!
From what I understand ("Everything You Know About CSS is Wrong"), IE8 should cure several MS/IE-induced problems. So Microsoft is having second thought about _not_ being a perpetual pain in the ass?
IE8 is a decent browser, a huge improvement over IE6 and IE7. However, just about any other browser that the user might choose to install in its place (Safari, Firefox, Opera, Chrome...) will be even better, and making sure that Windows doesn't break when IE is removed is a good thing.
It's safe to assume that most users won't choose to remove IE without first installing a better browser.
Maybe MS should just improve the quality of its rendering engine.
Lo and behold, they did! IE8 passes ACID2. It's still behind all the other major browsers, but they're actually working on trying to catch up.
Remember that no major browser has a currently-shipping release version that passes ACID3; Safari 4 beta and Opera 10 alpha don't count quite yet. It's been argued that Firefox scores higher than IE, but the reality is that neither of them will pass any time soon. IE8 really doesn't look too bad in this light - it's a couple years behind the curve, but only a couple years.
the rendering engine sticks around because it's used elsewhere in the operating system for other tasks
Meaning, of course, it's still there to be exploited by anything that exploits IE rendering bugs.
Yes, just like bugs in OpenSSL can be exploited if you have applications that load that library, even after other applications that use that library have been uninstalled. Of course, security patches will be released to fix those bugs, which is why it's important to stay up to date.
Net neutrality encourages competition between content providers. Consider: Google pays a bunch of money to all the major ISPs to ensure that their web sites get top priority when routing traffic. Somebody comes along and creates a better search engine, but it loads slowly because they can't afford to bribe all those ISPs like Google can. People continue using Google, because it loads faster.
Net neutrality also encourages competition between ISPs. Let's say Google, Microsoft, NBC, and a bunch of other content providers are all paying large chunks of cash to all the major incumbent ISPs. The ISPs can use this cash to reduce customer prices. If you want to start a new ISP, you're not going to be receiving any of that cash from content providers, so you have to charge your customers full price. Nobody will sign up with you, because your service costs more. Of course, once you've gone out of business they can raise their prices and pocket the difference - most of them are local monopolies anyway.
I didn't mean the lead vocals are always live, I meant they're live in the particular video I offered as an example.
It's not just dance choreography. A lot of concerts have some sort of video display, which is synchronized to the music. Depending on the nature of the show, there may be some pre-recorded parts as well, mixed in with the live performance. Here's an example of both: the lead vocal, keyboard and bass are live, but the drums aren't, the background vocals aren't, and there's a video on the screen.
People who think "user interface" is synonymous with "themes, skins or 3D effects" are a large part of the reason so much software has a terrible user interface.
If you're in a situation where you spend all your time in a constant struggle to find food and shelter, prison can provide freedom from that. Of course you sacrifice mobility in the process, but that's a bit higher up Maslow's hierarchy.
Read the GP post again. Mlwmohawk was talking about a special password that would cause the data to be destroyed. The AC said that wouldn't be a good idea, because they should have created a backup image of the drive first, so if such a destructive password were used, the image could be restored, and you're back to square one.
A password that decrypts an alternative filesystem is definitely a much better idea.
Yeah, next time I go to the US (I don't, because Americans are terrifying and amoral bastards who send foreigners to Syria to be tortured for months or years)...
Please remember that most US citizens do NOT condone this behavior, and it is the policy of the current Administration that our government doesn't do that anymore. Some of us would like to see members of the previous Administration prosecuted for war crimes, although we recognize that there's still too much corruption to allow that to happen.
Part of the problem comes not from amorality, but from ignorance. A staggering percentage of the population simply isn't aware that these things have happened. Sometimes it's willful ignorance - people hear it, but choose not to believe it, either because it sounds so ridiculously contrary to how they know the government should behave, or because the source is a political entity they distrust (the elite left-wing liberal communist media, or whatever). Other times it's because people are apathetic about politics and government, and don't listen to any news about it at all.
Several times after the warrantless wiretapping scandal hit the news, I got into discussions with people who thought the Bush administration was doing what they needed to do. I outlined the three problems with getting a warrant (it takes too long, many judges aren't familiar with matters of national security, and warrants are a matter of public record), and then I explained that FISA addressed these 30 years ago. It's only when I informed people that the NSA has recently been bypassing FISA that they understood what was happening - they'd heard something about warrantless wiretaps on the news, but they were completely unaware that the Bush administration had been circumventing FISA, which is why there was a controversy in the first place.
So even when someone does hear about something the government is doing, they're often not informed enough about the situation to reach any meaningful conclusions. They may be aware that a controversy exists, but completely fail to understand its nature. The torture problem is no different. Many people are dimly aware of a controversy involving torture, but they believe the only people being detained are actual terrorists who have plotted to attack this country and have vital information about such plots, and the Bush administration repeatedly insisted that "enhanced interrogation techniques" do not constitute torture. The mainstream media presents a "fair and balanced" report, presenting the viewer with two versions of the story ("these reporters say the government is torturing detainees, and the government says they're not") without any attempt to discover the truth. Other news sources make no attempt to hide their political bias, making them seem untrustworthy even when what they're reporting is the truth.
Ugh. I wish I could say we're fixing this problem. The new President has taken some positive steps, and if the next four years go really well, he may be allowed to take more. However, the problems run much deeper than one man can fix.
If you RTFA, you'll notice the bottom half of it is titled:
Why this is all marketing nonsense
Funny how the summary left out that part.
"Releasing the papers would do "serious damage" to cabinet government, he said, and outweighed public interest needs."
I'm not sure why he'd think it's in public interest to keep a corrupt, incompetent, totalitarian regime in power?
Read that again, he doesn't. He knows it's not in the public interest; he's saying that preserving the status quo is more important than the public interest. He's corrupt, not stupid.
I loaded eweek in Firefox, and adblock stopped ads from Doubleclick, Googlesyndication, and Atdmt.com. I'm guess it came from the last one.
These are huge advertisers (atdmt.com is Microsoft, and you probably know that Google bought DoubleClick). Was one of them hacked? If so, what does this have to do with ZD at all?
Blocking scripts isn't guaranteed to protect you from this kind of attack, since the article specifically mentioned that the attack used iframes. Loading a PDF into an iframe can be done with no scripting; this will either trigger a file download or will invoke the Adobe Reader plug-in (or whatever other plug-in your browser is configured to use to display PDF files).
However, if the iframe is inserted into the DOM by a script (not uncommon with advertisements these days), then yeah, blocking scripts would prevent it.
Of course, I imagine the attempt to install a rogue application would trigger a UAC prompt on VIsta, protecting anyone on that platform who isn't a moron.
So what servers were actually compromised by hackers? According to the article, Stephen Wellman, director of community and content for Ziff Davis Enterprise, says no ZD web sites were compromised and it "was not our fault." Whose fault was it? Does ZD use a third-party advertising service? If so, does anyone else use that same advertising service? If ZD runs its own ad servers, how is this not ZD's fault?
The difference is, Safari 4 will be out of beta within 6 months.
You're right, though: this is a "play it safe" release.
The nightly builds of WebKit are stand-alone (it's an application called WebKit that contains its own stand-alone WebKit library), but the Safari beta replaces your system's WebKit library so Dashboard and other applications can use it. Since the whole point of a beta release is to test it, and the final version will work this way, it would be kind of pointless not to do this.
Who the heck is Kevin Bacon?
An actor. See The Oracle of Bacon, which draws connections (through movies they've been in) between Kevin Bacon and any other actor you can think of.
A person's "Bacon Number" indicates how many steps away from Kevin Bacon they are, for example someone who has been in a movie with Kevin Bacon has a Bacon Number of 1, while someone who has been in a movie with someone else who's been in a movie with Kevin Bacon has a Bacon Number of 2. It's not easy to think of an actor whose Bacon Number is higher than three.
Because Adobe Flash does not exist on FreeBSD, the userbase here with FreeBSD doesn't have Adobe Flash.
Believe it or not, the overwhelming majority of Slashdot users run Windows.
...and then no one bothers to write an updated RFC?
Sure they did, and corrected some of the errors in the original, but those aren't entirely accurate either. This very helpful draft, which defines how a server can declare precisely how it violates the RFCs or specifying details the RFCs don't cover, was never accepted as an RFC by the IETF. I'm aware of no such document on how to handle colors, which is just a de-facto standard that the mIRC client made up (and has some rather glaring problems) that other clients have to emulate for compatibility.
(Supporting colors is important even for a bot that will never use them, because you have to parse the syntax so you can correctly strip color codes out of messages from other users. The CASEMAPPING parameter defined for the ISUPPORT message is important so you can track whether messages about a user "foo{}" entering the channel and user "foo[]" leaving the channel are talking about the same user or not, otherwise you have no idea how many people are really there. CHANMODES is an enormous pain in the ass to deal with, and if it's not specified via ISUPPORT you just have to guess and hope you can parse it correctly. The list goes on.)
It knocked me offline for a couple of hours. I called my ISP, and they said the problem was at their upstream provider, which is Time Warner. So yeah, this is a big deal.
Their choice of behavior is both in violation of specs *and* a big annoyance. And it's just one random example out of hundreds that I've encountered.
The problem is, the specs are inadequate. RFC 1738 that you mentioned doesn't allow for including a body at all. RFC 2368 supersedes that, but says it's totally OK to completely ignore the body altogether. There's no mention of size limits one way or the other.
I encountered this problem when trying to write an IRC bot. The IRC protocol is poorly defined in the RFCs, so nobody actually follows the RFCs. IRC is a mish-mash of de-facto standards; you can use the RFCs to get you started, but then you have to basically reverse-engineer the popular clients to figure out how they behave, and test your code on a variety of servers since they all work differently.